On Sun, Dec 29, 2013 at 05:33:09PM +0000, fosiul alam wrote: > Hi > Thanks for the quick Reply. I was thinking that same that some where > its missing the Bind dn > > and I can conferm that, its working with definning > > binddn and bindpw in ldap.conf > > but , > I confiered this before and I never had to define binddn and bindpw > in any where in ldap.conf and as you said that for production its not > appropriate. Sounds like your previous setup either permitted anonymous binds to search for this information (had the ACLs permitting this) or had people bind as themselves and permitted them (via ACLs) to search for their own entries. Unfortunately it has been a bit of a while since I set this up with 389 and I don't recall specifically how. But in your place I would see if I could get PAM/LDAP to bind with authenticating users' credentials for logins, and bind anonymously for generic stuff like group info. > which mean, something i have missed while configuring direcotory server, > > I guess, I will have to tell Directory server to bind annonomouse > search with cn=Directory Manager or something like this. > > but currnelty its not cliking on my head. > > Any further help will really appreciate. > > Kind Regards > -- > 389 users mailing list > 389-users@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users